Catenaa, Monday, March 02, 2026- Cybersecurity firm CrowdStrike reports an 89% year-on-year rise in AI-enabled attacks targeting credentials, reconnaissance, and evasion, highlighting a rapid shift in threat strategies.
Hackers exploited generative AI tools at over 90 organizations to generate commands for stealing credentials and cryptocurrency, while also leveraging AI development platform vulnerabilities to deploy ransomware and set up malicious AI servers impersonating trusted services.
CrowdStrike said AI is increasingly embedded in development pipelines, SaaS platforms, and operational workflows, making AI systems themselves a core attack surface.
Once intrusions occur, attackers move faster than ever; average breakout time dropped to 29 minutes in 2025, a 65% decrease from 2024, with the fastest-ever breach recorded at just 27 seconds. One attack took under four minutes from network entry to data exfiltration.
The majority of incidents, 82%, were malware-free, with attackers using stolen credentials, trusted identity flows, and authorized SaaS integrations to evade detection.
State-sponsored activity also surged, with China-linked attacks up 38% and North Korea-linked incidents rising 130%.
Industry surveys suggest widespread unpreparedness. Cisco’s Cybersecurity Readiness Index found only 4% of companies meet mature defensive standards, while 86% of respondents reported an AI-related security incident in the past year.
Just 45% felt equipped to conduct AI security assessments. Experts warn that as AI adoption grows, enterprises must accelerate defenses to keep pace with faster, AI-driven threats.
